App
The application surface — copilots, assistants and AI features people touch.
Read it as a grid. Down the side: the three assurance dimensions — App, Agent and Data. Across the top: the six lifecycle stages — Plan, Design, Build, Evaluate, Release, Run. Every cell is covered, because control isn’t something you apply once.
Wrapping the grid: the offerings at the top — Snapshot, Sign-Off, Managed — and the outcomes at the bottom: Visibility, Control, Evidence, Sign-off. The framework is the model behind the Snapshot, the Sign-Off Program, and Managed Assurance.
See where your AI sits — and what cannot be signed off yet.
Close the gaps until every system moves to approved.
Keep control in production as systems and risk change.
AI fails at the seams — a control applied at Build but never verified at Release, a dimension assured for the app but ignored for the agent behind it. A framework that covers every dimension at every stage is what closes those seams.
That’s the point of the full picture: not that any single cell is impressive, but that nothing is left uncovered between your AI ambition and your operational risk.